Security Operations Analyst – L1

At Armor, we are committed to making a meaningful difference in securing cyberspace. Our vision is to be the trusted protector and de facto standard that cloud-centric customers entrust with their risk. We strive to continuously evolve to be the best partner of choice, breaking norms and tirelessly innovating to stay ahead of evolving cyber threats and reshaping how we deliver customer outcomes. We are passionate about making a positive impact in the world, and we’re looking for a highly skilled and experienced talent to join our dynamic team.

Armor has unique offerings to the market so customers can a) understand their risk b) leverage Armor to co-manage their risk or c) completely outsource their risk to Armor.

Learn more at: https://www.armor.com

Summary

Armor is seeking a talented and motivated individual to serve as a Security Operations Analyst. This position will be primarily responsible for day-to-day analysis of first-line security alerts as Armor's Platform generates them. Working hands-on with best-of-breed toolsets this position will conduct initial analysis of alerts and escalate if needed. 

Essential Duties and Responsibilities(Additional duties may be assigned as required)

• Monitor and provide security analysis on a wide array of service-provider caliber security infrastructure to monitor and protect customer systems from attack. 
• Conduct both network and host-based analysis leveraging security tools as part of log monitoring and initial incident management functions. 
• Monitor, investigate, analyze, and remediate or escalate indications of compromised or breached systems and applications. 
• Work with customers through the Incident Management process based on NIST 800-53 and SANS best practices when issues are detected. 
• Use and reporting of a large-scale SIEM and Data Analytics implementation in a dynamic cloud service provider environment. 
• Conduct daily security log review tasks as required by compliance or regulatory authorities. 
• Monitor and enforce guidelines for best practices in security and compliance in accordance with NIST 800-53. 
• Respond to customer inquiries in a timely manner, guiding and advising customers on security best practices in a friendly customer-facing manner. 
• Research and investigate new and emerging threats and vulnerabilities and participate in security communities. 
  
  

Required Skills

• Moderate Linux and Windows Server OS Administration capabilities. 
• Public Cloud Administration knowledge (Azure, AWS, Oracle) a plus
• Moderate understanding of Intrusion Detection/Protection Systems (IDS/IPS), Web Application Firewalls (WAF), IP Reputation Management Systems, Firewalls including Next-Gen, centrally managed Anti-Malware and Anti-Virus systems, File Integrity Monitoring (FIM), and Security Information and Event Management (SIEM) systems. 
• Moderate understanding of networking, TCP/IP, and passive reconnaissance.
• Fundamental knowledge of Kusto Query Language (KQL) for security log analysis 
• Critical thinker who can analyze and identify basic indicators of compromise on hosts and applications. 
• Ability to put separate pieces of information together during investigations to develop a 'whole' picture.  
• Technical understanding of current cyber security threats and trends including a working familiarity with MITRE ATT&CK Framework
• Ability to prioritize tasks, effectively manage time to ensure customer SLA's and expectations are met. 
• Self-motivated and detail oriented. 
• Able to multi-task, prioritize, and resolve multiple inquiries at once. 
• Solid communication (oral and written) skills 
• Lives the Armor Commitment in daily life through work performance and conduct   
  
  

Education And/or Experience:  

• 1-3 years of job-related experience including security operations, computer security, or information systems operations. 
• The following are required for all SOC members within 90 days of starting
• Microsoft SC-200: Security Operations Analyst Associate
• Microsoft SC-300: Identity and Access Administrator Associate
• Microsoft AZ-500: Azure Security Engineer Associate
• Security and Technical Certifications (preferred): Network+, Security+, CySA+, ECSA, GSEC/GCIH/GCIA. 
• Associate degree or bachelor’s degree in information technology or information security subject areas (preferred)
  
  

WHY ARMOR

Join Armor if you want to be part of a company that is redefining cybersecurity. Here, you will have the opportunity to shape the future, disrupt the status quo, and be a part of a team that celebrates energy, passion, and fresh thinking. We are not looking for someone who simply fills a role – we want talent who will help us write the next chapter of our growth story.

Armor Core Values

• Commitment to Growth: A growth mindset that encourages continuous learning and improvement with adaptability in the face of challenges.
• Integrity Always: Sustain trust through transparency + honesty in all actions and interactions regardless of circumstances.
• Empathy In Action: Active understanding, compassion and support to the needs of others through genuine connection.
• Immediate Impact: Taking initiative with swift, informed actions to deliver positive outcomes.
• Follow-Through: Dedication to delivering finished results with attention to quality and detail to achieve the desired outcomes.
  
  

WORK ENVIRONMENT

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment can be either in an office setting or remotely from anywhere.

Equal opportunity employer - it is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.